Index
| Índice |
|---|
| outline | true |
|---|
| exclude | Index |
|---|
| style | none |
|---|
|
Integration with Active Directory
There are three ways to integrate fluig Identity with Active Directory (AD):
...
This script will be responsible for enabling Single Sign On (SSO) for fluig Identity. Provided that the user has entered their network credentials when logging on to Windows, no username or password will be required when they try to access fluig Identity or any application integrated with fluig Identity.
Architecture
Fluig Identity has a component called SmartSync, which acts as an agent between fluig Identity and the customer's Active Directory, and is responsible for:
...
| Deck of Cards |
|---|
|
| Card |
|---|
|
- One server with SmartSync installed, providing synchronization and authentication with AD credentials.
- This scenario comprises the integration between fluig Identity and Active Directory, including user synchronization and authentication using AD credentials.
- High availability not included.
Simple scenarios, no SSO and high availability.
|
| Card |
|---|
|
- Two servers, each one with SmartSync installed, providing high availability for synchronization and authentication with AD credentials.
- In this scenario, there are two servers to synchronize users and authenticate with AD credentials. If either server goes offline, the other one keeps supporting user synchronization and authentication.
- There is no need for a Load Balancer because SmartSync has an active behavior consuming a line of requests provided by fluig Identity.
- Single Sign On is not available in this scenario.
Scenario providing high availability for synchronization and authentication with AD credentials, Single Sign On not included.
|
| Card |
|---|
|
- One server with SmartSync and Desktop SSO installed, providing user synchronization and Single Sign On for fluig Identity using the AD credentials entered when logging on to Windows.
- In this scenario, SmartSync provides user synchronization and Desktop SSO provides Single Sign On. Provided that the user has properly entered their credentials to log on to Windows, they can access fluig Identity without having to enter their credentials again.
- This scenario does not offer high availability.
- If Desktop SSO is offline, users can authenticate into fluig Identity with their AD credentials.
- If SmartSync is off-line, users can access fluig Identity using the credentials entered when their account was enabled. This is a contingency credential.
Scenario in which there is user synchronization and Single Sign On to access fluig Identity, but no high availability
|
| Card |
|---|
|
- Three servers, two of which have SmartSync and Desktop SSO installed, providing a high availability environment, and a third one working as Load Balancer.
- In this scenario, SmartSync provides user synchronization and Desktop SSO provides Single Sign On. Provided that the user has properly entered their credentials to log on to Windows, they can access fluig Identity without having to enter their credentials again.
- This scenario offers high availability.
- If Desktop SSO is offline, Load Balancer directs the request to the online server.
- If a SmartSync is offline, the other installation continues to provide the user synchronization service.
Scenario where there is user synchronization, Single Sign On, and high availability.
|
|
Requirements
It would be ideal to provide a high availability environment, with 2 computers dedicated to SmartSync and Desktop SSO, and a third one used for load balance, in the case of Desktop SSO.
...